Lucene search
Veracode Vulnerability DatabaseVERACODE:5164HistorySep 25, 2017 - 10:59 a.m.
Cross-site Scripting (XSS)
2017-09-2510:59:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
33.4%
erusev/parsedown is vulnerable to cross-site scripting (XSS) attacks. The library does not do any filtering or sanitization before parsing markdown, allowing a malicious user to inject and execute arbitrary web script.
| CPE | Name | Operator | Version |
|---|---|---|---|
| erusev/parsedown | le | 1.6.4 |
Related
fedora
fedora
[SECURITY] Fedora 29 Update: php-erusev-parsedown-1.7.1-1.fc29
2019-03-06 06:58:57
[SECURITY] Fedora 28 Update: php-erusev-parsedown-1.7.1-1.fc28
2019-03-06 15:29:00
friendsofphp
friendsofphp
Cross-Site Scripting
1970-01-01 00:00:00
Cross-Site Scripting
1970-01-01 00:00:00
prion
prion
Cross site scripting
2018-04-18 19:29:00
openvas
openvas
Fedora Update for php-erusev-parsedown FEDORA-2019-009fdcfb60
2019-03-07 00:00:00
Fedora Update for php-erusev-parsedown FEDORA-2019-b02e9bf467
2019-05-07 00:00:00
cvelist
cvelist
CVE-2018-1000162
2018-04-18 19:00:00
nessus
nessus
Fedora 29 : php-erusev-parsedown (2019-b02e9bf467)
2019-03-06 00:00:00
Fedora 28 : php-erusev-parsedown (2019-009fdcfb60)
2019-03-07 00:00:00
cve
cve
CVE-2018-1000162
2018-04-18 19:29:00
osv
osv
Cross-site Scripting in Parsedown
2022-03-30 18:26:22
CVE-2018-1000162
2018-04-18 19:29:00
nvd
nvd
CVE-2018-1000162
2018-04-18 19:29:00
github
github
Cross-site Scripting in Parsedown
2022-03-30 18:26:22